SoylentNews

upstart [soylentnews.org] writes:

████ # This file was generated bot-o-matically! Edit at your own risk. ████

Twitter alternative Hive shuts down to fix major security issues [techradar.com]:

Hive Social, one of the microblogging platforms that gained popularity following Elon Musk’s acquisition of Twitter [techradar.com], has gone offline while it fixes a number of major security issues.

In the days following Elon Musk’s Twitter takeover, many users fled to alternative microblogging platforms, such as Mastodon [techradar.com] and Hive, amassing millions of new users practically overnight. But with the increased popularity also came increased scrutiny.

German research group Zerforschung recently discovered a number of severe vulnerabilities in Hive, which would allow threat actors to cause huge damage to the platform: they’d be able to access all data, including private posts and messages, shared media and even deleted direct messages. Furthermore, email addresses and phone numbers used for identity [techradar.com] (opens in new tab) verification could also be accessed.

Going public

Elon Musk’s Twitter takeover sees huge surge in new users for rival Mastodon [techradar.com] (opens in new tab)

Security experts are laying Mastodon's flaws bare [techradar.com] (opens in new tab)

Check out the best endpoint protection software [techradar.com] (opens in new tab)

In a blog post published earlier this week, the group said it notified Hive of its findings in private, and soon afterward received confirmation of the issues being fixed.

However, due to a serious piece of miscommunication, Hive were still working on the fix when Zerforschung went public with its findings, urging users to stay away from Hive and use a different network.

In response, Hive shut down all of its operations completely, until the issues could be resolved. Since then Hive has released a single update, but more are expected soon.

While the researchers might recommend Mastodon instead, it’s fair to say that this platform has had its share of problems too. Last week, researchers discovered three separate flaws [techradar.com] that could allow threat actors to tamper with the stored data, and in some cases even download it.

When news of the flaws broke out, security experts warned Mastodon users not to share data that they wouldn’t be comfortable with everyone knowing about.

• These are the best firewalls [techradar.com] (opens in new tab) around

Via: TechCrunch [techcrunch.com] (opens in new tab)

Original Submission